[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Fetching patches as origins instead of copying them into the Guix Gi
|
From: |
Ludovic Courtès |
|
Subject: |
Re: Fetching patches as origins instead of copying them into the Guix Git repo |
|
Date: |
Sat, 02 Sep 2017 22:55:44 +0200 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux) |
Hello,
Marius Bakke <address@hidden> skribis:
> Leo Famulari <address@hidden> writes:
>
>> On Thu, Aug 31, 2017 at 09:52:49PM +0200, Marius Bakke wrote:
>>> Side note: I think we should start adding patches as origins instead of
>>> copying them wholesale, to try and keep the git repository slim.
[...]
> No, I mean adding patches like this:
>
> (define %CVE-1970-0001.patch
> (origin
> (method url-fetch)
> (uri "https://example.com/CVE-2017-0001.patch";)
> (sha256
> (base32
> "12c60iwxyc3rj6ih06a1g80vmkf8khvhm44xr9va4h21b74v8f5k"))))
>
> (package
> (...
> (patches (list (search-patch "guix-specific-stuff.patch")
> %CVE-1970-0001.patch)))
>
> That only requires the built-in guix downloader.
I agree, I did that a few times for this reason.
Once I did that for Coreutils, fetching the patch via a Cgit URL at
Savannah, and somehow that URL went broken at some later point, which
was annoying. But in general, it shouldn’t be worse than source URLs
that go 404.
Ludo’.